SOURCE: Ounce Labs

June 14, 2007 10:03 ET

Ounce Labs Founder and CTO Jack Danahy to Discuss Government Agencies' Use of Source Code Analysis to Discover Security Vulnerabilities at SSTC

WALTHAM, MA--(Marketwire - June 14, 2007) - Jack Danahy, Founder and CTO for Ounce Labs, the industry leader in software risk analysis, will present a session with Commander Tony Parrillo, director of the U.S. Navy Network Warfare Command (NetWarCom) FORCEnet Execution Center entitled, "Software Assurance at the Code Level" at the System & Software Technology Conference (SSTC) this week.

Session Overview: Cyber-attacks on the Department of Defense are on the rise; hackers and viruses alike are probing the network's tens of thousands of times a day, putting critical and confidential data at risk. With 75 percent of these attacks occurring at the application layer, focusing security efforts at the network level is not enough. An efficient, effective source code analysis program can help agencies reduce the money and manpower involved in the certification and maintenance of software and systems, decrease the mission risks presented by software developed internally or by an outsourcer, and decrease the potential downtime of operational systems.

This presentation will present a case study for the U.S. Navy's NetWarCom, discussing the importance of source code analysis to discover security vulnerabilities that go beyond simple coding errors. Additionally, attendees will be given an overview of available tools and techniques to discover these critical software vulnerabilities.

The conference is being held in Tampa, Florida June 18th - June 21st at the Tampa Marriott Waterside Hotel & Marina.

Mr. Danahy and CDR Parrillo will present on Tuesday, June 19th at 3:20 p.m. as part of Track 1.

Jack Danahy is founder and Chief Technology Officer of Ounce Labs as well as one of the industry's most prominent advocates for software security assurance. Prior to Ounce Labs, he founded Qiave Technologies, a pioneer in kernel-level security that was acquired by WatchGuard Technologies in October of 2000. Previously, Jack served as Managing Director of Engineering for BBN/Genuity's managed security services. He holds patents or has patents pending in kernel security, secure remote communications, systems management and distributed computing.

Commander Tony Parrillo, director of the U.S. Navy Network Warfare Command (NetWarCom) FORCEnet Execution Center, which operates and sets requirements for the Navy-wide network, as well as evaluates and recommends technology. Parrillo is also the lead for Trident Warrior, the major annual FORCEnet Sea Trial event designed to provide speed to capability and rapid fielding of improved command and control warfighting capability to the fleet.

About Ounce Labs, Inc.

Ounce Labs™ solutions enable organizations to identify, prioritize and eliminate business risk to the enterprise caused by software security vulnerabilities. With Ounce Labs, organizations strengthen application security, protect confidential information and verify compliance with both internal policies and industry mandates such as PCI, FISMA, HIPAA and others. Ounce Labs' software analyzes application source code to provide the most complete and accurate analysis of application vulnerabilities and their relative priorities, enabling business users and IT professionals to optimize their resources on resolving the most critical issues. Unique in its ability to scale across an organization's entire portfolio of applications, Ounce is used enterprise-wide by many of the world's most security-conscious organizations, including AT&T, EDS, IBM, Intel, Lockheed Martin, MFS, the U.S. Air Force, the U.S. Government Accountability Office, Unisys and Verisign. Led by senior executives with deep enterprise software and security expertise, Ounce Labs is headquartered in Waltham, Massachusetts, with regional offices throughout the U.S. For more information, please visit www.ouncelabs.com.

Contact Information